Hi Wesley Kenis,
Thank you for your feedback about updating the Key Vault requirement so that the Key Vault name does not need to be globally unique.
The reason that the Key Vault name needs to be unique is that the key vault, keys, and secrets are all accessed by the key vault URL: https://{vault-name}.vault.azure.net/
Keys, secrets, and certificates within the vault are also accessed by the URL and object identifiers: https://{vault-name}.vault.azure.net/{object-type}/{object-name}/{object-version}
The same requirement exists for Managed HSM pools and storage account names. The explanation for this design is documented in "Azure Key Vault keys, secrets and certificates overview".
Since the endpoints differ across Azure Cloud, Azure China Cloud, Azure US Government, and Azure German Cloud, you could technically have a Key Vault with the same name as another Key Vault in a different region.
There have been some requests to the product team to change this requirement, and I have shared your feedback with the product team as well. If you would like to leave feedback for them directly, you can also do that in the feedback forum. Someone else has also shared the same feedback here, which you can upvote and follow for updates. Feature requests are prioritized by upvotes so it will help to upvote the existing request.
In the meantime, to speed up the process, one recommendation is to use checkNameAvailability in the Azure API to verify if a Key Vault name is valid and not already in use:
POST https://management.azure.com/subscriptions/{subscriptionId}/providers/Microsoft.KeyVault/checkNameAvailability?api-version=2022-07-01
While you are probably already doing this, it also helps to adopt custom naming conventions to align the key vault names with a standard familiar to your organization (kv-description).
I'll update this thread if I hear additional updates from the product team around this feature though.
If the information helped you, please Accept the answer. This will help us as well as others in the community who might be researching similar information.
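As an added example (not part of the original answer, and not Microsoft's code), the sketch below shows how the checkNameAvailability call recommended above could be prepared and its response interpreted, with a local syntax pre-check so invalid names never cost an API call. The function names, the sample vault names and the sample response message are constructed for illustration; the request is built but not sent, and the bearer token is a placeholder.

```python
import json
import re
import urllib.request

API_VERSION = "2022-07-01"  # api-version from the URL quoted in the answer
# Vault naming rules: 3-24 chars, letters/digits/hyphens, starts with a letter,
# ends with a letter or digit, no consecutive hyphens.
NAME_RE = re.compile(r"^[A-Za-z](?!.*--)[A-Za-z0-9-]{1,22}[A-Za-z0-9]$")


def local_name_problem(name):
    """Return None if the name passes the local syntax rules, else a reason."""
    if not 3 <= len(name) <= 24:
        return "length must be 3-24 characters"
    if not NAME_RE.match(name):
        return "letters, digits, single hyphens only; start with a letter, end with a letter or digit"
    return None


def build_check_request(subscription_id, name, bearer_token):
    """Build (do not send) the checkNameAvailability POST request."""
    url = (f"https://management.azure.com/subscriptions/{subscription_id}"
           f"/providers/Microsoft.KeyVault/checkNameAvailability?api-version={API_VERSION}")
    body = json.dumps({"name": name, "type": "Microsoft.KeyVault/vaults"}).encode()
    headers = {"Authorization": f"Bearer {bearer_token}", "Content-Type": "application/json"}
    return urllib.request.Request(url, data=body, headers=headers, method="POST")


def interpret(response_json):
    """Map the service response body to (usable, explanation)."""
    data = json.loads(response_json)
    if data.get("nameAvailable"):
        return True, "available"
    return False, f"{data.get('reason', 'Unknown')}: {data.get('message', '')}".strip()


def first_candidate(names):
    """Return the first name that passes local checks, before spending an API call."""
    return next((n for n in names if local_name_problem(n) is None), None)


# Constructed sample response for a name that is already taken (not real output).
SAMPLE_TAKEN = '{"nameAvailable": false, "reason": "AlreadyExists", "message": "The vault name is already in use."}'

if __name__ == "__main__":
    req = build_check_request("00000000-0000-0000-0000-000000000000", "kv-payments-prod", "<token>")
    print(req.get_method(), req.full_url)
    print(interpret(SAMPLE_TAKEN))
```

To send the request, pass it to `urllib.request.urlopen` with a real Azure Resource Manager access token and feed the response body to `interpret`.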